1791 matches found
ViewVC Detection
The remote host is running ViewVC, a web-based tool for browsing CVS and Subversion repositories. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid42347; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
ViewVC Detection
This host is running ViewVC, a browser interface for CVS and Subversion version control repositories. OpenVAS Vulnerability Test $Id: viewvcdetect.nasl 5744 2017-03-28 07:25:23Z cfi $ ViewVC Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free...
CVE-2009-0899
IBM WebSphere Application Server WAS 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console ISC 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager WMM to Virtual Member...
Design/Logic Flaw
IBM WebSphere Application Server WAS 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console ISC 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager WMM to Virtual Member...
Solaris 8 (sparc) : 136863-01
VERITAS NetBackup 6.5 Product Release Hotf. Date this patch was last updated by Sun : Feb/24/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
FreeBSD : CVS path validation errors (0792e7a7-8e37-11d8-90d1-0020ed76ef5a)
Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
Code injection
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories...
[USN-762-1] APT vulnerabilities
=========================================================== Ubuntu Security Notice USN-762-1 April 20, 2009 apt vulnerabilities CVE-2009-1300, https://launchpad.net/bugs/356012 =========================================================== A security issue affects the following Ubuntu releases: Ubun...
Mandriva Update for mdkonline MDVA-2008:201 (mdkonline)
Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:201 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Debian Security Advisory DSA 1725-1 (websvn)
The remote host is missing an update to websvn announced via advisory DSA 1725-1. OpenVAS Vulnerability Test $Id: deb17251.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1725-1 websvn Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Fedora Update for viewvc FEDORA-2008-8252
Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2008-8252 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Debian DSA-1725-1 : websvn - programming error
Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
Fedora Update for viewvc FEDORA-2008-2143
Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2008-2143 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
DSA-1725-1 websvn - information leak
Bulletin has no description...
FreeBSD : websvn -- multiple vulnerabilities (71597e3e-f6b8-11dd-94d9-0030843d3802)
Secunia reports : Some vulnerabilities have been reported in WebSVN, which can be exploited by malicious users to disclose sensitive information, and by malicious people to conduct cross-site scripting attacks and manipulate data. Input passed in the URL to index.php is not properly sanitised...